Approved Computer Security Auditors

The ERDS Program has the responsibility for oversight and regulation of an ERDS. This responsibility is met by audits and local inspections. The primary process for monitoring the effectiveness of security controls is a computer security audit conducted by a Computer Security Auditor with a valid Certificate of Approval issued by the ERDS Program, pursuant to the California Code of Regulations, Title 11, Division 1, Chapter 18, Articles 1-9.

Through this web page County Recorders have access to centralized contact information about approved Computer Security Auditors. County Recorders are required to verify, prior to entering into a contract with a Computer Security Auditor, that the auditor has a valid Certificate of Approval issued by the ERDS Program.

The Computer Security Auditors, pdf listed are authorized to conduct initial system audits, biennial audits, modified system audits and modified system incident audits on an ERDS for the purpose of: 1) assessing the safety of the system; 2) verifying that the system is secure from vulnerabilities and unauthorized penetration; 3) ensuring ERDS operating procedures are in place and are being followed, and 4) that ERDS have no capability to modify, manipulate, insert, or delete information in the public record.

Note: The information on this page is limited to the public information available: the approved auditor’s name, contact information and the selected geographical location(s) interested in providing auditing services.